<?
class Usuario {

	var $id_usuario;
	var $username;	
	var $nombre;
	var $apellido;	
	var $password;
	var $idContacto;
	var $addDate;
	var $modifyDate;
	var $estado;
	
	var $cookie;
	
	function anti_inyection(){
		$this->id_usuario=sql_quote($this->id_usuario);
	    $this->nombre=sql_quote($this->nombre);
		$this->apellido=sql_quote($this->apellido);
        $this->username=sql_quote($this->username);
        $this->password=sql_quote($this->password);
		$this->idContacto=sql_quote($this->idContacto);
		$this->addDate=sql_quote($this->addDate);
		$this->modifyDate=sql_quote($this->modifyDate);
		$this->estado=sql_quote($this->estado);
		$this->telefono=sql_quote($this->telefono);
        $this->cookie=sql_quote($this->cookie);
     }
	

	 function __construct($nombre="",$apellido="",$username="",$password="",$idContacto=0, $addDate="",$modifyDate="",$estado="") {
	 	$this->nombre=$nombre;
		$this->apellido=$apellido;
		$this->username=$username;
		$this->password=$password;	
		$this->addDate=$addDate;	
		$this->modifyDate=$modifyDate;	
		$this->estado=$estado;	
		$this->idContacto=$idContacto;	
		$this->anti_inyection();
	}

	function seleccion_todo_usuario($con){
		$strselect="SELECT * FROM usuarios;";
		$resultado = mysql_query($strselect,$con);
		return $resultado;
	}
	
	function seleccion_usuario($con){
		$this->anti_inyection();
		$strselect="SELECT * FROM usuarios WHERE username = '$this->username' AND pass = '$this->password';";
		$resultado = mysql_query($strselect,$con);
		return $resultado;
	}
	
	function seleccion_usuarioxusuario($con){
		$this->anti_inyection();
		$strselect="SELECT * FROM usuarios WHERE username = '$this->username';";
		$resultado = mysql_query($strselect,$con);
		return $resultado;
	}
	
	function eliminar_usuario($con) {
	$this->anti_inyection();
		$strdelete="delete from usuarios where username='$this->username';";
		mysql_query($strdelete,$con) or die (mysql_error());
	}
	function modificar_usuario($con){
		$this->anti_inyection();
		$srtupdate="UPDATE usuarios SET password='$this->password' where username='$this->username'";
		mysql_query($srtupdate,$con) or die (mysql_error());
	}
	function insertar_usuario($con) {
		$this->anti_inyection();
		$strinsert="insert into usuarios (username, password) values('$this->username','$this->password');";				
		mysql_query($strinsert,$con) or die (mysql_error())	;	
	}
	
	function asignar_usuario($nombre,$apellido,$username,$password,$idContacto,$addDate,$modifyDate,$estado){
		$this->nombre=$nombre;
		$this->apellido=$apellido;
		$this->username=$username;
		$this->password=$password;	
		$this->addDate=$addDate;
		$this->idContacto=$idContacto;
		$this->modifyDate=$modifyDate;	
		$this->estado=$estado;			
		$this->anti_inyection();
	}
	
	function grabar_cookie($con){
		$this->anti_inyection();
		$srtupdate="UPDATE usuarios SET cookie='$this->cookie' where username='$this->username'";
		mysql_query($srtupdate,$con);
	}	
	function getUsuarioCookiado($con, $id_usu, $cookie_usu){
		$this->anti_inyection();
    		$ssql = "select * from usuarios where username='" .$id_usu . "' and cookie='" . $cookie_usu . "' and cookie<>''";
      	$res= mysql_query($ssql, $con);
      	if (mysql_num_rows($res)==1){
            $this->asignar_usuario(mysql_result($res, 0, "username"), mysql_result($res, 0, "password"));				 
       	}  	
	}
	function validarLogin($con){
		$this->anti_inyection();
		$ssql = "select * from usuarios where username = '" . $this->username . "' and password='" .$this->password. "'";				
		return mysql_query($ssql, $con);
	}
	function existeUsuario($con){	
    $this->anti_inyection();
		$string= "SELECT COUNT(username)".
		         " FROM usuarios 
				   WHERE username='".$this->username."'";
		
		$result= mysql_query($string, $con ) or die(mysql_error());
		$row = mysql_fetch_row( $result );
		$totalRows = $row[0]; 
		
		if($totalRows>0){
			return true;
		}else{
			return false;
		}
	}


}
?>